File Access Vulnerability in BIG-IP APM Edge Client for macOS by F5 Networks
CVE-2019-6668

5.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip Apm Edge Client
Vendor: CVE Published:; 27 November 2019

Summary

A vulnerability in the BIG-IP APM Edge Client for macOS allows unprivileged users to gain access to files that should be protected and only accessible by the root user. This issue is present in several versions of the client, making it a significant concern for users who rely on effective access controls to safeguard sensitive information. Proper mitigation steps should be taken to ensure system integrity and protect against unauthorized file access.

Affected Version(s)

BIG-IP APM Edge Client 15.0.0-15.0.1

BIG-IP APM Edge Client 14.1.0-14.1.0.5

BIG-IP APM Edge Client 14.0.0-14.0.0.4

References

https://support.f5.com/csp/article/K49827114

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 27, 2019
Vulnerability Reserved
Jan 22, 2019